We've got a global system that we are attempting to solve a permissions issue around. Currently, our system serves a number of different applications out to our clients and each client has their own ...

If you have a menu "Admin tasks" and different admin tasks (like 10) that you could separately assign to each user, but there are users who don't have any admin tasks, how would you deal with "Hiding ...

I have an app that have multiple users. In my app an user can
- create contacts (people)
- edit contacts
- view contacts
- create an entry to agenda
- view entry from agenda
Also I need that User A ...

I am trying to configure a mysql database table that I can use as a per user/group permissions table. Almost like what Facebook has, for a local company intranet site.
What is the best possible way ...

I am designing an application where users message one another privately, and may send messages to any Entity in the database (an Entity may not have a user account yet, it is a professional database). ...

Should user permission checks take place in the model or the controller? And who should handle the permission checks, the User object or some UserManagement helper?
Where should it happen?
Checking ...

I am working on a tool (Python, may or may not be important) that will allow a user to maintain a configuration file containing arbitrary shell and/or language code to be executed on particular events ...

I want to implement a security system into my web-based Intranet application which allows security administrators to 'fine-tune' exactly what type of access a user/role has to an object. For example, ...

I am using cppcms to create a blog like application and I'm trying to write a permission system, although I'm confused as to what would be the most efficient and manageable method.
At the moment, I ...

Which approach makes most sense to use, the destructive one or the non-destructive one? Does anyone have real-world experience with one, both or even a different approach?
Model
A permission scheme ...

I'm thinking about limiting the rights of users who choose insecure passwords (insecurity of a password being determined by length, how many types of characters (upper/lower case, numbers, symbols, ...